Personnel External Activity
5 automated security scanners
Employee Side Project Exposure
Purpose: The Employee Side Project Exposure Scanner is designed to identify potential security risks by detecting personal GitHub projects, startup involvement, and open source contributions of employees that may not align with company policies or could pose a risk to the organization. This tool helps organizations maintain the confidentiality and integrity of their proprietary information and protect against intellectual property theft.
What It Detects:
- Personal GitHub Repositories: Scans for public repositories owned by employees using their LinkedIn profiles, identifying those that contain sensitive information or code related to the company’s technology stack.
- Startup Involvement: Searches for mentions of employee involvement in startups on LinkedIn and other professional networks, detecting any startup-related projects that could pose a conflict of interest or security risk.
- Open Source Contributions: Identifies open source contributions by employees that may include sensitive company information, checking for repositories where significant contributions have been made and assessing the content for potential risks.
- Domain-Specific Code Search: Utilizes GitHub’s code search API to find instances of company-specific code or data in public repositories, detecting unauthorized sharing of proprietary information through open source platforms.
- News and Job Board Analysis: Scrapes news articles and job boards for mentions of employee projects that could indicate external activities, identifying any technology stack disclosures that may reveal sensitive internal processes or tools.
Inputs Required:
- domain (string): Primary domain to analyze (e.g., acme.com)
- company_name (string): Company name for statement searching (e.g., “Acme Corporation”)
Business Impact: This scanner is crucial for maintaining the security and confidentiality of an organization’s intellectual property. It helps prevent unauthorized disclosure of sensitive information, protects against potential conflicts of interest, and ensures compliance with company policies regarding proprietary technology and data.
Risk Levels:
- Critical: Findings that directly involve significant exposure of confidential company information or direct threats to the security infrastructure.
- High: Findings indicating involvement in startups or open source projects that could lead to conflicts of interest or unauthorized access to sensitive data.
- Medium: Findings related to personal GitHub repositories containing proprietary code snippets or mentions on news and job boards that might hint at ongoing unauthorized activities.
- Low: Informal findings such as minor mentions of the company’s technology stack in public repositories, which do not pose significant risk but should be monitored for potential future risks.
- Info: Non-critical findings related to publicly available information about employees and their projects that does not directly affect security but might indicate broader engagement with sensitive topics.
Example Findings:
- A public GitHub repository belonging to an employee contains detailed project specifications and source code snippets that could potentially reveal the company’s proprietary software architecture.
- Significant contributions by an employee to a third-party open source project include references to internal company tools and data, indicating unauthorized sharing of sensitive information.
Leadership External Affiliations
Purpose: The Leadership External Affiliations Scanner is designed to identify potential conflicts of interest or external influences that may affect an organization’s security posture by detecting involvement of the CISO/CTO in outside ventures, advisory roles, and conference associations.
What It Detects:
- Outside Ventures Involvement: Identifies mentions of CISO/CTO participation in startups, venture capital investments, or other business activities.
  - Example Patterns: ciso.*investor, cto.*startup
- Advisory Roles: Detects roles as advisors to external organizations, boards, or committees.
  - Example Patterns: ciso.*advisor, cto.*board member
- Conference Associations: Finds mentions of CISO/CTO speaking at conferences, workshops, or seminars.
  - Example Patterns: ciso.*conference, cto.*seminar
- LinkedIn Profiles: Scrapes LinkedIn profiles for relevant keywords indicating external affiliations.
  - Example Patterns: ciso.*linkedin.com/in, cto.*linkedin.com/in
- GitHub Contributions: Searches GitHub repositories and contributions for CISO/CTO involvement in open-source projects or other ventures.
  - Example Patterns: ciso.*github.com, cto.*github.com
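The example patterns above are regular expressions applied to free text. The following is an added illustration, not the scanner’s own code: it runs the documented patterns over constructed profile snippets (fictional, not real people), tags each hit with its detection category, and shows why a hit is a lead for review rather than a conclusion, since ciso.*investor also matches a sentence in which the CISO says the company is not taking investors.

```python
import re
from typing import Dict, List, Tuple

# Pattern table copied from the documentation above, keyed by detection category.
# The patterns are kept verbatim; note that the "." in "linkedin.com" and
# "github.com" is an unescaped regex metacharacter and matches any character.
AFFILIATION_PATTERNS: Dict[str, List[str]] = {
    "Outside Ventures Involvement": [r"ciso.*investor", r"cto.*startup"],
    "Advisory Roles": [r"ciso.*advisor", r"cto.*board member"],
    "Conference Associations": [r"ciso.*conference", r"cto.*seminar"],
    "LinkedIn Profiles": [r"ciso.*linkedin.com/in", r"cto.*linkedin.com/in"],
    "GitHub Contributions": [r"ciso.*github.com", r"cto.*github.com"],
}

# Case-insensitive, because bios write "CISO", "Ciso", or "ciso" interchangeably.
COMPILED = {
    category: [re.compile(p, re.IGNORECASE) for p in patterns]
    for category, patterns in AFFILIATION_PATTERNS.items()
}

# Constructed sample snippets for the demonstration (fictional text).
SAMPLE_SNIPPETS: Dict[str, str] = {
    "bio-1": "Jane Doe, CTO at Acme Corporation, is an advisor and board member at ExampleCo.",
    "bio-2": "Our CISO will present at the ExampleSec conference; see linkedin.com/in/example-ciso.",
    "bio-3": "The CISO stated that Acme is not taking on outside investors this year.",
    "bio-4": "Release notes for the billing service, version 2.3.",
}


def scan_text(source: str, text: str) -> List[Tuple[str, str, str]]:
    """Return one (source, category, pattern) tuple per documented pattern that matches."""
    hits = []
    for category, regexes in COMPILED.items():
        for rx in regexes:
            if rx.search(text):
                hits.append((source, category, rx.pattern))
    return hits


def scan_all(snippets: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """Scan every snippet and collect all hits; an analyst then reviews each one."""
    findings = []
    for source, text in snippets.items():
        findings.extend(scan_text(source, text))
    return findings


def categories_for(source: str, snippets: Dict[str, str] = SAMPLE_SNIPPETS) -> List[str]:
    """Sorted list of detection categories that fired for one snippet."""
    return sorted({cat for src, cat, _ in scan_all(snippets) if src == source})
```

bio-3 is flagged under Outside Ventures Involvement even though it describes the opposite, which is why each finding needs analyst review before it is assigned a risk level.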
Inputs Required:
- domain (string): Primary domain to analyze (e.g., acme.com)
- company_name (string): Company name for statement searching (e.g., “Acme Corporation”)
Business Impact: Identifying potential conflicts of interest or external influences is crucial for maintaining a secure organizational environment, as it helps in mitigating risks associated with unauthorized access to sensitive information and ensuring that the leadership’s focus remains on the organization’s security posture.
Risk Levels:
- Critical: High involvement in multiple outside ventures, advisory roles, or conference associations without proper disclosure can lead to significant conflicts of interest and may compromise organizational security.
- High: Significant involvement in outside ventures, advisory roles, or conference associations that could influence decision-making processes within the organization.
- Medium: Moderate involvement in external affiliations that might require further investigation for potential conflicts.
- Low: Minimal involvement in external affiliations with minimal risk to organizational security.
- Info: Informal affiliations that do not pose a direct threat but may indicate areas for future consideration and engagement strategies.
Example Findings:
- The CISO’s profile mentions multiple advisory roles across various industries, which could lead to potential conflicts of interest affecting the organization’s cybersecurity strategy.
- The CTO has significant involvement in open-source projects on GitHub, indicating a strong community contribution but potentially diverting attention from corporate responsibilities.
Activist Connections
Purpose: The Activist Connections Scanner is designed to identify potential risks associated with external personnel activities that may impact an organization’s reputation and security posture. By analyzing public records, social media profiles, and open-source intelligence (OSINT) sources, this tool aims to detect controversial affiliations, hacktivist connections, political campaign involvement, security incident coverage, and technology stack disclosures.
What It Detects:
- Controversial Affiliations: Identifies mentions of controversial organizations or groups in LinkedIn profiles and searches for associations with known activist or protest movements on GitHub repositories.
- Hacktivist Connections: Looks for involvement in hacktivist activities by searching GitHub commit messages and issue comments, detecting participation in hacktivist forums such as Reddit subreddits related to hacking and activism.
- Political Campaign Involvement: Scans LinkedIn profiles for political endorsements or campaign contributions, and searches news articles and job boards for mentions of political campaigns associated with company personnel.
- Security Incident Coverage: Identifies security breaches mentioned in news articles and press releases, and checks for breach history using the HaveIBeenPwned API.
- Technology Stack Disclosure: Analyzes GitHub repositories to identify technology stacks used by external contributors, and searches job boards for mentions of specific technologies related to cybersecurity or hacking tools.
Inputs Required:
- domain (string): Primary domain to analyze (e.g., acme.com)
- company_name (string): Company name for statement searching (e.g., “Acme Corporation”)
Business Impact: This scanner is crucial for organizations looking to maintain a secure and ethical reputation, as it helps in identifying potential risks associated with external personnel activities that could negatively impact the organization’s standing and security measures.
Risk Levels:
- Critical: Conditions where there are clear mentions of controversial affiliations or involvement in significant hacktivist activities directly affecting organizational operations or sensitive information.
- High: Conditions involving political campaign associations that may influence public perception or compliance with regulatory standards, especially if linked to cybersecurity risks.
- Medium: Conditions involving exposure to specific technologies used in hacking tools or known for facilitating cyber threats, which could be exploited by adversaries.
- Low: Informal mentions of technology stacks not directly related to high-risk activities but indicative of broader industry trends or incidental use that does not pose significant security risks.
- Info: Non-controversial affiliations, hacktivist connections at a low volume, and minimal political campaign associations that do not significantly affect the organization’s risk profile.
Example Findings:
- “Controversial organization XYZ was mentioned in an employee’s LinkedIn profile.”
- “Hacktivist activity detected in GitHub commit messages related to sensitive project details.”
- “Political endorsements found on an employee’s LinkedIn profile, potentially influencing public policy decisions.”
Professional Organization Membership
Purpose: The Professional Organization Membership Scanner is designed to identify and assess various memberships and certifications of a company’s personnel by analyzing publicly available data sources. This tool helps in evaluating the company’s dedication to cybersecurity practices and regulatory compliance, providing valuable insights into its security posture.
What It Detects:
- Security Group Participation: Identifies mentions of participation in prominent security groups such as OWASP, SANS, or local cybersecurity forums.
- Standards Body Involvement: Identifies involvement in standards bodies like ISO/IEC JTC1 SC27, NIST, or PCI DSS.
- Industry Association Memberships: Detects membership in industry associations including ISACA, (ISC)², or IEEE-CS.
- Professional Certifications: Identifies claims of professional certifications such as SOC 2, ISO 27001, and HIPAA compliance.
- Technical Stack Disclosure: Detects mentions of specific technologies and tools used by the company.
Inputs Required:
- domain (string): The primary domain to analyze, which helps in identifying relevant data sources such as LinkedIn profiles, GitHub repositories, SEC filings, news articles, and job boards related to this domain.
- company_name (string): The name of the company, which is essential for searching and filtering relevant information from various online platforms and databases.
Business Impact: Assessing an organization’s commitment to cybersecurity best practices and regulatory compliance is crucial as it directly impacts the security posture of the enterprise. Understanding the professional affiliations and certifications of personnel can help in predicting potential vulnerabilities, risks, and areas for improvement in compliance with industry standards and regulations.
Risk Levels:
- Critical: Conditions that pose a severe risk to cybersecurity or regulatory compliance, potentially leading to significant data breaches or legal penalties.
- High: Conditions that indicate high vulnerability or non-compliance, requiring immediate attention to mitigate potential risks.
- Medium: Conditions that suggest moderate levels of non-compliance or vulnerability, which should be addressed within the next evaluation cycle.
- Low: Conditions that are in line with current standards and pose minimal risk.
- Info: Informative findings that provide general insights but do not directly indicate compliance issues or significant risks.
If specific risk levels are not specified in the README, they have been inferred based on the purpose of the scanner and its potential impact.
Example Findings:
- The company claims to be a member of ISO/IEC JTC1 SC27 but lacks concrete evidence or documentation to support this claim.
- Personnel listed as having SOC 2 type II certification do not have verifiable records in the public domain, raising questions about the authenticity of their professional qualifications.
Academic Research Engagements
Purpose: The Academic Research Engagements Scanner is designed to evaluate and assess the academic research engagements of a specified company by analyzing various public records, open-source intelligence (OSINT) sources, and digital footprints. This tool aims to identify mentions of academic collaborations, publications, and research activities related to the identified company across multiple platforms including GitHub repositories, LinkedIn profiles, news articles, SEC filings, and job board listings.
What It Detects:
- GitHub Repository Mentions: Identifies repositories that mention the company name or domain, focusing on code contributions from academic institutions.
- LinkedIn Profile Analysis: Scans LinkedIn profiles for mentions of the company in academic research contexts, including publications and projects related to the company’s research activities.
- News Articles and Press Releases: Searches news articles and press releases for mentions of academic collaborations or research involving the company, highlighting any partnerships with universities or research institutions.
- SEC Filings: Analyzes SEC filings for disclosures related to academic research engagements such as grants, contracts, and collaborations.
- Job Board Listings: Scans job board listings for positions that require academic research experience or mention ongoing research projects involving the company.
Inputs Required:
- domain (string): The primary domain of the company to be analyzed (e.g., acme.com).
- company_name (string): The name of the company for which the analysis is conducted (e.g., “Acme Corporation”).
Business Impact: This scanner plays a crucial role in enhancing the transparency and accountability of companies regarding their academic research engagements, potentially influencing decision-making processes within organizations to foster stronger collaborations with academia and support sustained innovation.
Risk Levels:
- Critical: The scanner identifies critical findings such as undisclosed partnerships or significant financial disclosures related to academic research that could significantly impact a company’s reputation or compliance posture.
- High: High severity risks include prominent mentions of the company in unauthorized collaborations, unreported contracts, and substantial investments in academic research without public disclosure.
- Medium: Medium severity includes minor infractions such as tangential mentions in publications or job listings that might indicate potential gaps in transparency but do not pose immediate risk to compliance.
- Low: Findings that provide minimal context about the company’s engagements with academia, such as generic news articles mentioning a broad industry rather than specific entities like the analyzed company.
- Info: These are generally non-specific mentions or indirect references that do not carry significant risk but can be useful for broader market and competitive intelligence.
Example Findings:
- The scanner identified multiple GitHub repositories discussing projects related to the company’s domain, indicating potential academic collaborations in open-source software development.
- LinkedIn profiles linked to the company mentioned ongoing research partnerships with leading universities, suggesting a high level of engagement in cutting-edge academic research.